If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Fedora safety issues ?

In the media lately there has been some articles about some safety issues in the linux-kernel related to the usb-drivers. If a hacker have access to the computer it seems to be possible to exploit these vulnerabilities and hack the computer. This made me think about some similar issues that is related to the usb-live version of the fedora operating system.

There is a way to get access to a fedora computer without knowing the password if you have access to the computer. If you connect a usb (or a live dvd )and start up the live-os and then open up a terminal and then just type the "su"command you will have full access to the computer, both root and user access. I have used this method over the years when i need to repair something and my linux os wont boot.

Is this to be regarded as a safety issue? I have never thought of this as an safety issue before i read the articles about the usb drivers. And do i need to fill in a bug report to the fedora developers?

Re: Fedora safety issues ?

It isn't a bug, the same applies to any linux live ISO, can come in very handy at times and ocratato is correct. accessing files is the least of your worries if someone has that level of access to your pc unauthorised. you can block booting from USB in EUFI firmware or BIOS whichever your machine uses and then password protect the BIOS Settings (should already be done if the machine is shared and you don't want people screwing with settings). Of course if they were hell bent on causing problems this too could be reset by them. It's easier on desktops but still achievable with a notebook PC too.

Re: Fedora safety issues ?

in addition to what's been mentioned, if your goal is to protect the data that might be on the computer's hard drive or ssd, then you need to think about encrypted volumes when you install the OS. this will then require a key to decrypt the volume and make it mountable and accessible. in this case, even if you can boot another OS on the same computer via live USB or other bootable medium, it doesn't immediately allow one to access the data on that computer.

just keep in mind, that only protects your data at rest. when you are using the system and have already provided key; and you subsequently get your system compromised, that encryption will not protect anything.